libvncserver: 0.9.11 -> 0.9.12 (#74514)

Vuln roundup #73664 -- unstable channel Version bump from 0.9.11 to 0.9.12 fixes: * CVE-2018-6307 * CVE-2018-15126 * CVE-2018-15127 * CVE-2018-20019 * CVE-2018-20020 * CVE-2018-20021 * CVE-2018-20022 * CVE-2018-20023 * CVE-2018-20024 * CVE-2018-20748 * CVE-2018-20749 Plus add two upstream patches to fix: * CVE-2018-20750 * CVE-2019-15681
2019-11-29 19:14:40 +01:00 · 2019-11-29 19:14:40 +01:00 · 3fb4e09812
commit 3fb4e09812
parent d016a507ea
1 changed files with 21 additions and 19 deletions
--- a/pkgs/development/libraries/libvncserver/default.nix
+++ b/pkgs/development/libraries/libvncserver/default.nix
@ -1,41 +1,43 @@
-{stdenv, fetchurl, fetchpatch,
- libtool, libjpeg, openssl, zlib, libgcrypt, autoreconfHook, pkgconfig, libpng,
- systemd
+{ stdenv, fetchzip, fetchpatch, cmake
+, libjpeg, openssl, zlib, libgcrypt, libpng
+, systemd
 }:

 let
  s = # Generated upstream information
  rec {
-    baseName="libvncserver";
-    version="0.9.11";
-    name="${baseName}-${version}";
-    url="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-${version}.tar.gz";
-    sha256="15189n09r1pg2nqrpgxqrcvad89cdcrca9gx6qhm6akjf81n6g8r";
+    pname = "libvncserver";
+    version = "0.9.12";
+    url = "https://github.com/LibVNC/libvncserver/archive/LibVNCServer-${version}.tar.gz";
+    sha256 = "1226hb179l914919f5nm2mlf8rhaarqbf48aa649p4rwmghyx9vm"; # unpacked archive checksum
  };
 in
 stdenv.mkDerivation {
-  inherit (s) name version;
-  src = fetchurl {
+  inherit (s) pname version;
+  src = fetchzip {
    inherit (s) url sha256;
  };
  patches = [
-    # CVE-2018-7225. Remove with the next release
    (fetchpatch {
-      url = https://salsa.debian.org/debian/libvncserver/raw/master/debian/patches/CVE-2018-7225.patch;
-      sha256 = "1hj1lzxsrdmzzl061vg0ncdpvfmvvkrpk8q12mp70qvszcqa7ja3";
+      name = "CVE-2018-20750.patch";
+      url = "https://github.com/LibVNC/libvncserver/commit/09e8fc02f59f16e2583b34fe1a270c238bd9ffec.patch";
+      sha256 = "004h50786nvjl3y3yazpsi2b767vc9gqrwm1ralj3zgy47kwfhqm";
+    })
+    (fetchpatch {
+      name = "CVE-2019-15681.patch";
+      url = "https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.patch";
+      sha256 = "0hf0ss7all2m50z2kan4mck51ws44yim4ymn8p0d991y465y6l9s";
    })
  ];
-  preConfigure = ''
-    sed -e 's@/usr/include/linux@${stdenv.cc.libc}/include/linux@g' -i configure
-  '';
-  nativeBuildInputs = [ pkgconfig autoreconfHook ];
+  nativeBuildInputs = [ cmake ];
  buildInputs = [
-    libtool libjpeg openssl libgcrypt libpng
+    libjpeg openssl libgcrypt libpng
  ] ++ stdenv.lib.optional stdenv.isLinux systemd;
  propagatedBuildInputs = [ zlib ];
  meta = {
    inherit (s) version;
-    description =  "VNC server library";
+    description = "VNC server library";
+    homepage = "https://libvnc.github.io/";
    license = stdenv.lib.licenses.gpl2Plus ;
    maintainers = [stdenv.lib.maintainers.raskin];
    platforms = stdenv.lib.platforms.unix;